Kismet Setup on WL-500g

[rtaank]

Hello to everybody, I am a newbie to the forum, and this is my first thread!

Basically, i've spent an hour or so searching the site for a HOWTO on installing, and running Kismet on my WL-500g running the latest oleg 1.9.2.7-7f (2006-11-06) firmware.

I have a 1gb USB flash drive attached my WL-500g too (mounted at /tmp/harddisk) - so storage space is not an issue. I am able to FTP into this space too.

After reading numerous postings, I could not find a definitive guide?

I want to know:

- how and where to download the latest compatible Kismet sources from to my WL-500g
- using telnet, how to get it all set up and running
- how to manage captured data (i.e. dump files)

I would like Kismet to dump all data to the 1gb space. I will then FTP into my USB storage and retrieve any captured dumps.

If somebody could point me in the right direction, it would be a fantastic welcome into the forum!

Thanks!

[diody]

This is the only version that worked for my WL500GP with oleg's firmware:

http://www.kismetwireless.net/code/k...1-wrt54.tar.gz

How to set it up you will find here on this forum.

The first thing you have to do is:

Code:

wl monitor 1

[diody]

Here are my kismet.conf important lines if it helps you. Change the suiduser to whatever you have (default is admin).

Code:

# Kismet config file
# Most of the "static" configs have been moved to here -- the command line
# config was getting way too crowded and cryptic.  We want functionality,
# not continually reading --help!

# Version of Kismet config
version=2005.01.R1

# Name of server (Purely for organiational purposes)
servername=Asus

# User to setid to (should be your normal user)
suiduser=root

# Sources are defined as:
# source=cardtype,interface,name[,initialchannel]
# Card types and required drivers are listed in the README.
# The initial channel is optional, if hopping is not enabled it can be used
# to set the channel the interface listens on.
# YOU MUST CHANGE THIS TO BE THE SOURCE YOU WANT TO USE
source=wrt54g,prism0,wireless
# For v1 hardware uncomment this:
#source=wrt54g,eth1,wrt54gsource

# File types to log, comma seperated
# dump    - raw packet dump
# network - plaintext detected networks
# csv     - plaintext detected networks in CSV format
# xml     - XML formatted network and cisco log
# weak    - weak packets (in airsnort format)
# cisco   - cisco equipment CDP broadcasts
# gps     - gps coordinates
logtypes=dump,network,csv,xml,weak,cisco,gps

# Do we track probe responses and merge probe networks into their owners?
# This isn't always desireable, depending on the type of monitoring you're
# trying to do.
trackprobenets=true

# Where do we store the pid file of the server?
piddir=/var/run/

# Where state info, etc, is stored.  You shouldnt ever need to change this.
# This is a directory.
configdir=/opt/.kismet/
ipmap=ip_map

[Chillout]

Hi all,

I'm using Kismet on my wl500gP to monitor the wireless activities in my neighbourhood (no sniffing intentions of course). Recently I noticed that it's not seeing all networks anymore... it also marks an open network (I know it's open by checking with my laptop and asking my neighbour) as WEP-encrypted. Strange...

Anyone has any ideas what this could be?
Also, are all Kismet (WRT54G)versions usable on the WL500G?

Thanks in advance for your answers!

[spazmonkey]

hello,

I seem to be having a similar problem. I've been trying to get kismet running on my wl500gP. I've tried using openwrt with no success but you seem to have had success at one point using olegs firmware. I've searched the forums for instructions on installing kismet with no luck. Can you point me in the right direction? If I can manage to get it installed I can try to troubleshoot with you.

thanks

[dp79]

Hi,

I'm using kismet to scan wifi networks and it works fine for AP detection, but unfortunately it doesn't give me signal strength info. Kismet has the option (I think with "L" it pops up), but it always shows full strength to me on every sources.
Does anybody know any other way to detect signal strength of an near-by AP?

I use airodump-ng successfully on my PC (It shows PWR and Qty as well), but unfortunately the Oleg firmware doesn't have aircrack-ng among the programs in the repository (due to broadcom's incompatibility with packet injection and driver problems in general).
Maybe just this tool (airodump-ng) from aircrack-ng can be somehow implemented on Oleg's firmware and it might work fine after setting the "wl monitor 1" command. So, I was thinking of native or cross-compiling it by myself, but after reading many post I realized that it is not as easy as I thought first

So, any help is greatly appreciated!

Thanks,
dp79

[dp79]

Although I haven't got airodump-ng compiled, but I found something what actually partially gives me what I wanted. The name of this utility is airfinder. It refreshes the signal power info in every 400ms, so it is useful for antenna fine tuning.
I attached the tarball, so you can create your own if you find it useful.
Copy it to your harddisk / pendrive and

PHP Code:

cd /tmp/"your harddrive"/"airfinder directory"
tar -xzf airfinder-1.0beta1.tar.gz
cd airfinder-1.0beta1
make 


After this you just need to copy airfinder (no extension) to /opt/sbin

usage:

PHP Code:

wl monitor 1
airfinder prism0 [channel] [mac address] 


I hope it will be useful for others too.

Many thanks for Thomas d'Otreppe for this nice app.

Cheers,
dp79

[qnx4ever]

Thanks for the App,
gave it a quick try. It either didn't work for me or I'm doing something wrong. Should I always slecify MAC address of what I'm seeking for ? Can it show all AP's/Clients on specific channel ?